A cyberattack on 1,500 doctors in France at the end of 2025 resulted in the leak of personal data of 15 million patients, according to the company responsible for the software.
A recent cyberattack targeting the software used by approximately 3,800 doctors in France has led to a significant data breach, impacting 15 million patients. The breach was detected in late 2025 when unusual activity within the application was observed. The affected software, designed by Cegedim Santรฉ, served around 1,500 healthcare professionals whose patient data was compromised. Following the attack, the company confirmed that personal information had been accessed illegally, although they did not disclose the exact figures of those affected.
The compromised data primarily included administrative records, such as names, surnames, genders, dates of birth, and phone numbers of patients. In a limited number of cases, there may have been additional sensitive information contained in personal notes made by the doctors. The French Ministry of Health has acknowledged that the scale of this breach is alarming, with estimates suggesting that nearly every individual related to the involved doctors may be at risk of having their information exposed.
This incident raises significant concerns about cybersecurity in the healthcare sector, emphasizing the need for stronger protective measures against attacks that jeopardize patient privacy. With personal data being one of the most valuable assets on the dark web, the implications of these breaches extend beyond immediate privacy concerns, potentially leading to identity theft and other criminal activities. Authorities and healthcare providers are now urged to bolster their security infrastructures to prevent future attacks that could have devastating effects on patient safety and trust in the healthcare system.
